lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 15 Sep 2021 08:38:43 +0000
From:   David Laight <David.Laight@...LAB.COM>
To:     'Guenter Roeck' <linux@...ck-us.net>,
        "David S . Miller" <davem@...emloft.net>
CC:     "sparclinux@...r.kernel.org" <sparclinux@...r.kernel.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Arnd Bergmann <arnd@...nel.org>,
        Anatoly Pugachev <matorola@...il.com>,
        Sam Ravnborg <sam@...nborg.org>
Subject: RE: [PATCH v2] sparc: mdesc: Fix compile error seen with gcc 11.x

From: Guenter Roeck
> Sent: 14 September 2021 23:47
...
> I am not sure if there was agreement to accept this patch or not, but
> I was asked to resend it with the above change, so here it is. An open
> question was if it is acceptable to have a structure named xxx_hdr
> include an element pointing to the data following that header.

It may be a pragmatic solution to the problem.
But it isn't 'correct'.
OTOH I think gcc is broken.
It ought to at least give a sane method of getting the warning
ignored in specific cases.

> If this patch is not acceptable, the patch in buildbot may be a possible
> alternative to consider.
>     https://git.busybox.net/buildroot/commit/?id=6e1106b4a9aee25d1556310d5cd1cb6dde2e6e3f
> 
>  arch/sparc/kernel/mdesc.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/arch/sparc/kernel/mdesc.c b/arch/sparc/kernel/mdesc.c
> index 8e645ddac58e..83e1f699bc32 100644
> --- a/arch/sparc/kernel/mdesc.c
> +++ b/arch/sparc/kernel/mdesc.c
> @@ -39,6 +39,7 @@ struct mdesc_hdr {
>  	u32	node_sz; /* node block size */
>  	u32	name_sz; /* name block size */
>  	u32	data_sz; /* data block size */
> +	char	data[];
>  } __attribute__((aligned(16)));
> 
>  struct mdesc_elem {
> @@ -612,7 +613,7 @@ EXPORT_SYMBOL(mdesc_get_node_info);
> 
>  static struct mdesc_elem *node_block(struct mdesc_hdr *mdesc)
>  {
> -	return (struct mdesc_elem *) (mdesc + 1);
> +	return (struct mdesc_elem *) (mdesc->data);
>  }

In order for gcc to consider (mdesc + 1) to have size 0
I think it must have tracked the pointer from a structure
that has another field (or structure end) following 'mdesc'.
If that is the case then it should also know that the data[]
must also be size 0.
So the warning may reappear with the next gcc version.

The busybox patch has:
+@@ -75,6 +75,7 @@ struct mdesc_handle {
+ 	refcount_t		refcnt;
+ 	unsigned int		handle_size;
+ 	struct mdesc_hdr	mdesc;
++	char			data[];
+ };


Which really ought to be more than enough.
Although the extra space could be considered to even be
outside that structure.
But the gcc folks suggested a completely brain-dead change
that requires taking the offset from the outer structure.
--	return (struct mdesc_elem *) (mdesc + 1);
++	return (struct mdesc_elem *) hp + offsetof(struct mdesc_handle, data);
which is probably missing a (char *) cast.

I wonder if it might be better to 'launder' the pointer
so that gcc can't track its size.
It may be that:
	return (struct mdesc_elem *)(ulong)(mdesc + 1);
is enough.
Otherwise it will need to be passed into an asm block.

But gcc is getting stupid for system programming.

	David

-
Registered Address Lakeside, Bramley Road, Mount Farm, Milton Keynes, MK1 1PT, UK
Registration No: 1397386 (Wales)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ